On Sun, Jul 26, 2015 at 03:07:06PM -0400, Ted Unangst wrote:
> Marc Espie wrote:
> >
> > I don't think it falls on the side of bloat, and it's a pretty nifty option
> > to sudo...
>
>
> > @@ -361,7 +365,7 @@ main(int argc, char **argv, char **envp)
> > }
> >
> > if (!(rule->options & NOPASS)) {
> > - if (!auth_userokay(myname, NULL, NULL, NULL)) {
> > + if (nflag || !auth_userokay(myname, NULL, NULL, NULL)) {
> > syslog(LOG_AUTHPRIV | LOG_NOTICE,
> > "failed password for %s", myname);
> > fail();
> >
>
> alright, so technical nit. i don't think we want it syslogging in this case. i
> would add a separate block just above.
>
> if (nflag)
> fail();
>
> or perhaps even better:
>
> if (nflag)
> errx(1, "Authorization required");
yep, good for me.
Gonna commit this later.